9857502458cfa9e03c238256c3586d40b212689e2119a0bc860a17fa377eeacf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7da70c07f8daccbc034aab35e58b85f_JaffaCakes118
Size

42KB
Sample

240818-xrk5faselj
MD5

a7da70c07f8daccbc034aab35e58b85f
SHA1

30f2ed3d58e7d6330734ab879938a61a06df1723
SHA256

9857502458cfa9e03c238256c3586d40b212689e2119a0bc860a17fa377eeacf
SHA512

3eb7e507b91da7966f2e17c9646ea909b1d01bcd00c912c52807616660c18b0d82a73247850bae96dd5e16660c993c4d643f116940e3836c04cbcea435e98541
SSDEEP

768:wLn/mcndPSCJROcKGkPanOWrfQqEVmt+WNP5Q8nSwcD61KSne1wmxgLhx:wLn/mcdPSD/GkPaOWrfxBP5Qiam+wmqL

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  a7da70c07f8daccbc034aab35e58b85f_JaffaCakes118
- Size
  
  42KB
- MD5
  
  a7da70c07f8daccbc034aab35e58b85f
- SHA1
  
  30f2ed3d58e7d6330734ab879938a61a06df1723
- SHA256
  
  9857502458cfa9e03c238256c3586d40b212689e2119a0bc860a17fa377eeacf
- SHA512
  
  3eb7e507b91da7966f2e17c9646ea909b1d01bcd00c912c52807616660c18b0d82a73247850bae96dd5e16660c993c4d643f116940e3836c04cbcea435e98541
- SSDEEP
  
  768:wLn/mcndPSCJROcKGkPanOWrfQqEVmt+WNP5Q8nSwcD61KSne1wmxgLhx:wLn/mcdPSD/GkPaOWrfxBP5Qiam+wmqL
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence